Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/kviXKUG_QY7yTcWitYU5f3vKZu8.roa
File: kviXKUG_QY7yTcWitYU5f3vKZu8.roa (raw, json)
Hash identifier: BTlYl/PQjUqPHXwlLnBWNfGHJ9xk+eh/TXu32cRJ0a4=
Subject key identifier: 92:F8:97:29:41:BF:41:8E:F2:4D:C5:A2:B5:85:39:7F:7B:CA:66:EF
Certificate issuer: /CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Certificate serial: 018CC64AF88213C8042E3036EF99BE8E5CBD
Authority key identifier: 29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/kviXKUG_QY7yTcWitYU5f3vKZu8.roa
Signing time: Mon 01 Jan 2024 18:30:51 +0000
ROA not before: Mon 01 Jan 2024 18:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 62.245.64.0/18 maxlen: 18
46.167.224.0/19 maxlen: 19
62.245.96.0/19 maxlen: 19
46.167.192.0/19 maxlen: 19
46.167.192.0/18 maxlen: 18
62.245.64.0/19 maxlen: 19
84.242.96.0/19 maxlen: 19
109.107.192.0/19 maxlen: 19
93.90.160.0/20 maxlen: 20
31.30.0.0/17 maxlen: 17
84.242.64.0/19 maxlen: 19
31.30.0.0/16 maxlen: 16
84.242.64.0/18 maxlen: 18
213.220.224.0/19 maxlen: 19
88.146.192.0/18 maxlen: 18
89.103.0.0/16 maxlen: 16
84.42.128.0/17 maxlen: 17
141.170.128.0/18 maxlen: 18
84.42.128.0/18 maxlen: 18
141.170.128.0/19 maxlen: 19
213.220.192.0/19 maxlen: 19
213.220.192.0/18 maxlen: 18
93.99.128.0/17 maxlen: 17
86.49.0.0/17 maxlen: 17
86.49.0.0/16 maxlen: 16
94.113.0.0/16 maxlen: 16
89.177.0.0/16 maxlen: 16
86.49.128.0/17 maxlen: 17
84.42.192.0/18 maxlen: 18
141.170.160.0/19 maxlen: 19
80.95.96.0/19 maxlen: 19
31.169.128.0/17 maxlen: 17
31.169.128.0/18 maxlen: 18
188.95.120.0/21 maxlen: 21
78.45.0.0/16 maxlen: 16
81.27.200.0/21 maxlen: 21
77.48.0.0/17 maxlen: 17
77.48.0.0/16 maxlen: 16
94.112.0.0/16 maxlen: 16
89.176.0.0/16 maxlen: 16
94.112.0.0/15 maxlen: 15
89.176.0.0/15 maxlen: 15
78.102.0.0/17 maxlen: 17
89.102.0.0/16 maxlen: 16
78.102.0.0/16 maxlen: 16
89.102.0.0/15 maxlen: 15
62.240.160.0/20 maxlen: 20
62.240.160.0/19 maxlen: 19
62.240.176.0/20 maxlen: 20
88.146.128.0/18 maxlen: 18
88.146.128.0/17 maxlen: 17
93.99.0.0/17 maxlen: 17
31.169.192.0/18 maxlen: 18
77.48.128.0/17 maxlen: 17
93.99.0.0/16 maxlen: 16
78.102.128.0/17 maxlen: 17
78.44.0.0/16 maxlen: 16
178.77.192.0/19 maxlen: 19
78.44.0.0/15 maxlen: 15
46.135.0.0/16 maxlen: 16
178.77.192.0/18 maxlen: 18
178.77.224.0/19 maxlen: 19
213.192.0.0/18 maxlen: 18
213.192.0.0/19 maxlen: 19
213.192.32.0/19 maxlen: 19
217.77.160.0/20 maxlen: 20
31.30.128.0/17 maxlen: 17
62.24.64.0/19 maxlen: 19
62.24.64.0/20 maxlen: 20
62.24.80.0/20 maxlen: 20
82.142.64.0/18 maxlen: 18
81.27.192.0/21 maxlen: 21
81.27.192.0/20 maxlen: 20
2a02:8300::/28 maxlen: 28
2a00:11b0::/29 maxlen: 29
2a02:8300::/29 maxlen: 29
2a02:8308::/29 maxlen: 29
2a01:5e0:8000::/33 maxlen: 33
2a01:5e0::/33 maxlen: 33
2a01:5e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f8:82:13:c8:04:2e:30:36:ef:99:be:8e:5c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Validity
Not Before: Jan 1 18:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92f8972941bf418ef24dc5a2b585397f7bca66ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:99:cf:9d:a0:78:75:18:e0:a5:06:3a:f4:
e4:20:f4:e5:d2:13:23:c6:40:95:11:cf:22:35:45:
87:e7:96:a9:f6:6f:1c:a7:15:f2:36:13:02:2b:f2:
b4:bc:83:8d:39:da:95:d0:f9:18:af:e5:0b:e9:3e:
43:aa:73:3b:83:67:93:56:1a:26:4d:73:8b:75:ec:
cc:d0:86:0d:fe:5f:88:f6:47:0c:29:c5:94:5b:e7:
18:aa:f8:e6:46:24:76:41:33:b8:4a:42:93:6e:e3:
8a:4a:eb:af:f9:20:ff:ed:fa:3f:d5:b9:24:3b:0a:
26:d4:f7:f6:8c:06:1e:34:7d:4d:8e:59:fa:1f:df:
0c:1c:a6:4b:4d:d8:22:9e:2c:e2:49:13:c4:6e:30:
34:80:ec:a9:98:73:c2:48:fe:1e:3c:ce:e6:ac:4a:
e3:da:7b:d2:42:ac:bc:e2:cc:76:0f:f0:c8:a2:47:
11:f2:1a:8f:6a:93:77:cc:17:04:fe:a4:69:e4:72:
64:10:79:08:8c:d0:ea:e6:4b:ac:f9:1c:49:59:a7:
a8:0f:8e:79:3c:e9:8a:5a:7b:a0:ce:2d:1d:9b:f7:
72:b5:7a:01:4e:1d:77:3e:9d:bb:c4:2b:1b:42:f5:
98:68:31:ed:e8:b4:5e:4b:fb:83:24:71:7a:cc:80:
de:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F8:97:29:41:BF:41:8E:F2:4D:C5:A2:B5:85:39:7F:7B:CA:66:EF
X509v3 Authority Key Identifier:
keyid:29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/kviXKUG_QY7yTcWitYU5f3vKZu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.30.0.0/16
31.169.128.0/17
46.135.0.0/16
46.167.192.0/18
62.24.64.0/19
62.240.160.0/19
62.245.64.0/18
77.48.0.0/16
78.44.0.0/15
78.102.0.0/16
80.95.96.0/19
81.27.192.0/20
82.142.64.0/18
84.42.128.0/17
84.242.64.0/18
86.49.0.0/16
88.146.128.0/17
89.102.0.0/15
89.176.0.0/15
93.90.160.0/20
93.99.0.0/16
94.112.0.0/15
109.107.192.0/19
141.170.128.0/18
178.77.192.0/18
188.95.120.0/21
213.192.0.0/18
213.220.192.0/18
217.77.160.0/20
IPv6:
2a00:11b0::/29
2a01:5e0::/32
2a02:8300::/28
Signature Algorithm: sha256WithRSAEncryption
60:93:c9:74:ac:36:33:5f:56:7c:18:87:ae:81:56:e5:e2:c6:
76:f2:96:7d:01:36:00:50:e6:56:b7:35:b2:32:c8:89:6e:02:
41:c0:3f:57:a7:ca:08:4d:28:8c:89:5d:4e:86:42:8d:56:81:
c3:66:d2:b7:00:54:da:71:23:a1:07:10:15:27:18:b6:d9:9e:
f8:0f:48:d8:3d:34:e8:eb:08:9e:99:bc:97:d8:43:68:c3:a1:
c8:3d:2b:9e:28:39:58:9b:09:8b:bd:e1:b3:15:b3:99:e2:79:
84:95:25:aa:e0:05:ed:47:69:b9:1a:18:e1:cc:38:10:b0:a4:
d0:23:22:c5:96:a3:ac:43:f6:0c:13:cf:66:da:0a:ed:b8:4d:
11:0e:a2:bb:c9:a7:48:59:75:74:ce:0d:33:a5:d8:30:fd:7c:
2c:26:db:b4:0b:ab:ff:79:e6:fa:d8:0b:c4:c6:ed:52:ed:b6:
62:67:54:65:22:59:a9:e4:ba:1d:b7:88:b0:f6:dc:0b:eb:9b:
22:f1:bd:49:1e:5f:0d:57:ca:f5:38:39:11:7e:c2:07:94:fa:
c3:04:be:11:e7:0f:fd:62:e5:e4:91:b4:ec:8d:28:b3:c0:a4:
73:5a:1c:a1:78:d5:34:07:37:15:39:f9:ac:4b:a6:a8:86:ca:
7e:59:11:7e
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYzGSviCE8gELjA275m+jly9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmI3ZGEzYjQ0ZTQxYjMyMzY5ZTRhNWM3OTBkMzA4MWZj
NjlhYTkwHhcNMjQwMTAxMTgzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY4OTcyOTQxYmY0MThlZjI0ZGM1YTJiNTg1Mzk3ZjdiY2E2NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkWZz52geHUY4KUGOvTkIPTl0hMj
xkCVEc8iNUWH55ap9m8cpxXyNhMCK/K0vIONOdqV0PkYr+UL6T5DqnM7g2eTVhom
TXOLdezM0IYN/l+I9kcMKcWUW+cYqvjmRiR2QTO4SkKTbuOKSuuv+SD/7fo/1bkk
Owom1Pf2jAYeNH1Njln6H98MHKZLTdginiziSRPEbjA0gOypmHPCSP4ePM7mrErj
2nvSQqy84sx2D/DIokcR8hqPapN3zBcE/qRp5HJkEHkIjNDq5kus+RxJWaeoD455
POmKWnugzi0dm/dytXoBTh13Pp27xCsbQvWYaDHt6LReS/uDJHF6zIDefwIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFJL4lylBv0GO8k3ForWFOX97ymbvMB8GA1UdIwQY
MBaAFCn7faO0TkGzI2nkpceQ0wgfxpqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYt
YmNhYzhiNTUyYTlhLzEva3ZpWEtVR19RWTd5VGNXaXRZVTVmM3ZLWnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYtYmNhYzhiNTUyYTlh
LzEvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDAwAf
HgMEBx+pgAMDAC6HAwQGLqfAAwQFPhhAAwQFPvCgAwQGPvVAAwMATTADAwFOLAMD
AE5mAwQFUF9gAwQEURvAAwQGUo5AAwQHVCqAAwQGVPJAAwMAVjEDBAdYkoADAwFZ
ZgMDAVmwAwQEXVqgAwMAXWMDAwFecAMEBW1rwAMEBo2qgAMEBrJNwAMEA7xfeAME
BtXAAAMEBtXcwAMEBNlNoDAbBAIAAjAVAwUDKgARsAMFACoBBeADBQQqAoMAMA0G
CSqGSIb3DQEBCwUAA4IBAQBgk8l0rDYzX1Z8GIeugVbl4sZ28pZ9ATYAUOZWtzWy
MsiJbgJBwD9Xp8oITSiMiV1OhkKNVoHDZtK3AFTacSOhBxAVJxi22Z74D0jYPTTo
6wiembyX2ENow6HIPSueKDlYmwmLveGzFbOZ4nmElSWq4AXtR2m5GhjhzDgQsKTQ
IyLFlqOsQ/YME89m2grtuE0RDqK7yadIWXV0zg0zpdgw/XwsJtu0C6v/eeb62AvE
xu1S7bZiZ1RlIlmp5Lodt4iw9twL65si8b1JHl8NV8r1ODkRfsIHlPrDBL4R5w/9
YuXkkbTsjSizwKRzWhyheNU0BzcVOfmsS6aohsp+WRF+
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:39 2024 by rpki-client on console-fra.rpki-client.org